CVE-2007-0654
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.
Desbordamiento inferior de búfer en X MultiMedia System (xmms) 1.2.10 permite a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante información de cabecera manipulada en una imagen de mapa de bits de una piel (skin), que resulta en un desbordamiento de búfer basado en pila.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-02-01 CVE Reserved
- 2007-03-21 CVE Published
- 2024-03-01 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/23986 | Third Party Advisory | |
| http://secunia.com/advisories/24645 | Third Party Advisory | |
| http://secunia.com/advisories/24804 | Third Party Advisory | |
| http://secunia.com/advisories/24889 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/463408/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/23078 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/1057 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33203 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/secunia_research/2007-47/advisory | 2018-10-16 | |
| http://www.debian.org/security/2007/dsa-1277 | 2018-10-16 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2007:071 | 2018-10-16 | |
| http://www.novell.com/linux/security/advisories/2007_6_sr.html | 2018-10-16 | |
| http://www.ubuntu.com/usn/usn-445-1 | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| X Multimedia System Search vendor "X Multimedia System" | X Multimedia System Search vendor "X Multimedia System" for product "X Multimedia System" | 1.2.10 Search vendor "X Multimedia System" for product "X Multimedia System" and version "1.2.10" | - |
Affected
| ||||||